current/SOURCES/0006-parsettf.c-Fix-out-of-bounds-read-condition-on-buffe.patch

From 7bfec47910293bf149b8debe44c6f3f788506092 Mon Sep 17 00:00:00 2001
From: Jeremy Tan <jtanx@outlook.com>
Date: Sun, 30 Jul 2017 11:56:43 +0800
Subject: [PATCH 6/6] parsettf.c: Fix out of bounds read condition on buffer

Closes #3093
---
 fontforge/parsettf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/fontforge/parsettf.c
+++ b/fontforge/parsettf.c
@@ -1744,7 +1744,7 @@
     if ( info->version==NULL ) info->version = copy("1.0");
     else if ( strnmatch(info->version,"Version ",8)==0 ) {
        char *temp = copy(info->version+8);
-       if ( temp[strlen(temp)-1]==' ' )
+       if ( temp[0] != '\0' && temp[strlen(temp)-1]==' ' )
            temp[strlen(temp)-1] = '\0';
        free(info->version);
        info->version = temp;
1	From 7bfec47910293bf149b8debe44c6f3f788506092 Mon Sep 17 00:00:00 2001
2	From: Jeremy Tan <jtanx@outlook.com>
3	Date: Sun, 30 Jul 2017 11:56:43 +0800
4	Subject: [PATCH 6/6] parsettf.c: Fix out of bounds read condition on buffer
5
6	Closes #3093
7	---
8	fontforge/parsettf.c \| 2 +-
9	1 file changed, 1 insertion(+), 1 deletion(-)
10
11	--- a/fontforge/parsettf.c
12	+++ b/fontforge/parsettf.c
13	@@ -1744,7 +1744,7 @@
14	if ( info->version==NULL ) info->version = copy("1.0");
15	else if ( strnmatch(info->version,"Version ",8)==0 ) {
16	char *temp = copy(info->version+8);
17	- if ( temp[strlen(temp)-1]==' ' )
18	+ if ( temp[0] != '\0' && temp[strlen(temp)-1]==' ' )
19	temp[strlen(temp)-1] = '\0';
20	free(info->version);
21	info->version = temp;